You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/02/28 03:00:44 UTC
[GitHub] [apisix] starsz commented on a change in pull request #6455: feat: support post_logout_redirect_uri config in openid-connect plugin
starsz commented on a change in pull request #6455:
URL: https://github.com/apache/apisix/pull/6455#discussion_r815550520
##########
File path: docs/en/latest/plugins/openid-connect.md
##########
@@ -47,6 +47,7 @@ The OAuth 2 / Open ID Connect(OIDC) plugin provides authentication and introspec
| realm | string | optional | "apisix" | | Realm used for the authentication |
| bearer_only | boolean | optional | false | | Setting this `true` will check for the authorization header in the request with a bearer token |
| logout_path | string | optional | "/logout" | | |
+| post_logout_redirect_uri | string | optional | | | URL want to redirect when request logout_path
Review comment:
OK. Let me fix it.
##########
File path: t/plugin/openid-connect.t
##########
@@ -1665,3 +1665,319 @@ GET /t
false
--- error_log
OIDC introspection failed: invalid jwt: invalid jwt string
+
+
+
+=== TEST 28: Modify route to match catch-all URI `/*` and add post_logout_redirect_uri option.
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "plugins": {
+ "openid-connect": {
+ "discovery": "http://127.0.0.1:8090/auth/realms/University/.well-known/openid-configuration",
+ "realm": "University",
+ "client_id": "course_management",
+ "client_secret": "d1ec69e9-55d2-4109-a3ea-befa071579d5",
+ "redirect_uri": "http://127.0.0.1:]] .. ngx.var.server_port .. [[/authenticated",
+ "ssl_verify": false,
+ "timeout": 10,
+ "introspection_endpoint_auth_method": "client_secret_post",
+ "introspection_endpoint": "http://127.0.0.1:8090/auth/realms/University/protocol/openid-connect/token/introspect",
+ "set_access_token_header": true,
+ "access_token_in_authorization_header": false,
+ "set_id_token_header": true,
+ "set_userinfo_header": true,
+ "post_logout_redirect_uri": "http://127.0.0.1:]] .. ngx.var.server_port .. [[/hello"
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1980": 1
+ },
+ "type": "roundrobin"
+ },
+ "uri": "/*"
+ }]],
+ [[{
+ "node": {
Review comment:
I think we should check the response data of this request like other route-creating tests.
Why we don't need to check the response?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org